Teichos Logo

Rules and Regulations



As a health care provider, clearinghouse, healthplan, or business associate, you are required to comply with the Security and Privacy Rules established under the Health Insurance Portability and Accountability Act.  These requirements have been updated to include the requirements of the Health Information Technology for Economic and Clinical Health (HITECH) Act.  In addition to more stringent requirements to implement administrative, physical, and technical safeguards to protect Protected Health Information (PHI) and electronic PHI (ePHI), HITECH increases potential penalties for information breaches.  Once a breach is discovered, notification requirements range from individual notification to public media for breaches affecting 500 or more individuals.  Aside from the negative publicity associated with data breaches, penalties for organizations showing "willful neglect" can reach $1,500,000.  Penalties, in general, are significantly reduced when reasonable diligence is exercised. Teichos Consulting will conduct a comprehensive review of policies and procedures, as well as administrative, physical, and technical security safeguards, to ensure your organization will meet or exceed the test of reasonable diligence.


The Federal Information Security and Management Act (FISMA) of 2002 defined a comprehensive framework aimed at protecting government information and assets against both natural and man-made threats.  It directed the National Institute of Standards and Technology (NIST) to develop security standards and guidelines to implement a risk management framework and security safeguards for federal information systems.  It requires federal agencies to categorize information and information systems to be protected and implement a minimum baseline of security controls.  Additionally, security controls must be documented and regularly assessed to determine their effectiveness.  All information systems must be formally authorized to operate and security controls must be monitored on a continuous basis.

Teichos Consulting provides independent security assessments of information systems as required by FISMA for most information systems.  Our security professionals hold DoD 8570 approved certifications to meet IA Workforce Qualification Requirements for all IAT, IAM, IASAE Levels.  Our seasoned consultants are ready to provide comprehensive security services supporting FISMA requirements, to include full SA&A documentation package.

Compliance Image